I got an old AWS instance created way back 2009 when I was still learning and only way to access AWS resources through the API was through an access id and security access key. Unfortunately during that time there were no IAM yet. Fast forward a year or so this is highly insecure as those access keys have root access. Best practice is to use IAM and create a user which you add to a Group assigned with the specific policy permissions.

We got a notice from AWS that we need to either rotate or delete our access keys. But better way to do it is create a new user instead.
1. First go to AWS console then IAM, on your dashboard you would see something like this if you have an access key generated from the root.2. Click accordion tab to expand and click on Manage Security Credentials

3. Expand Access Keys (Access Key ID and Secret Access Key) and check any access keys and where you likely used them. In my case I use them for Amazon SES via PHP SimpleEmailService class.

4. Delete the access keys.

5. Go to on Groups, click Create a Group then Give a name, Attach Policy – AdministratorAccess and AmazonSESFullAcces, then save.

6. Go to User, click on Create User and download the new access key and access secret key.

At last, finally found time to move my blog on LEMP(Linux, Nginx, MySQL and PHP-FPM) stack and it just one of the many goals I have set for starting overhauling this blog and over the coming days I’ll be optimizing it further and come up with a fresh new design. I’ve been running this blog on Amazon EC2 LAMP stack on t1.micro instance. With micro instances you have limited processing power and memory. Running apache is kinda like an overkill, MySQL most often times crashes due to running out of memory and this layout design is outdated and not responsive. I’ve been focused too much on Salesforce development that I’ve completely snobbed this blog and first love which is designing, web development.